this post was submitted on 19 Jan 2024
327 points (98.8% liked)

Open Source

31692 readers
678 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
 

Just saw the discussion around the Haier Home Assistant takedown and thought it would be good to materialize the metaphorical blacklist.

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 73 points 11 months ago (2 children)

Should add Reddit. Started out as FOSS, closed down their GitHub, then killed their API which killed dozens of third party integrations impacting hundreds of thousands of users.

[–] [email protected] 15 points 11 months ago

And now apparently removing all comments that mention Lemmy...

[–] [email protected] 5 points 11 months ago

lol dw we all know

[–] [email protected] 35 points 11 months ago (1 children)

It might be a good idea to do the exact opposite I.e. make a OSS whitelist. It will be much easier to maintain given the scale of applications/services/products.

[–] [email protected] 6 points 11 months ago (1 children)

Although I agree, it's tough to make a whitelist than a blacklist, as the latter requires only 1 bad decision, the former is tough to assess (how many good decision to be on the list, ex Microsoft support lots of open source projects, should they be added?)

[–] [email protected] 4 points 11 months ago

No. Never. It's a ruse.

[–] [email protected] 33 points 11 months ago

The new owner of Simple Mobile Tools? Buying it and then adware stuffing? ZipoApps?

[–] [email protected] 31 points 11 months ago (1 children)

Don't forget to add Nintendo

[–] thesmokingman 30 points 11 months ago (11 children)

It’s probably a good idea to have a stronger definition and mission. Here are a few scenarios you should consider.

  • FSF defines anything that’s not copyleft as hostile. That’s most companies. I personally don’t think I can tell my users what to do with my software other than remove my liability so I vehemently disagree with Stallman.
  • Mongo wrote the SSPL and MariaDB wrote the BSL. Both licenses are seen as regressions. I personally respect the MariaDB case and have been harassed by too many Mongo salespeople to say the same about them.
  • Platforms like AWS are the reason companies like CockroachDB and Elastic implemented restrictive licenses.
  • IBM has been gutting open source through its acquisition of Red Hat. This is a common story; Oracle has been screwing *nix longer.
  • Protecting trademarks causes a lot of consternation from users. The Rust Foundation is the most recent example of this I remember blowing up the FOSS community.

I like your idea a lot. I think it needs some definition to be very successful!

[–] [email protected] 15 points 11 months ago* (last edited 11 months ago) (1 children)

FSF defines anything that’s not copyleft as hostile. That’s most companies. I personally don’t think I can tell my users what to do with my software other than remove my liability so I vehemently disagree with Stallman.

I'm not planning on counting that as hostile behavior. Organizations can choose a license for their software (and I can choose not to buy/use it). This collection is mostly focused on companies that hurt existing Open Source software. Such as sending a cease and desist to an unofficial plugin/extension or closing down software that was originally open source.

[–] [email protected] 5 points 11 months ago (2 children)

Maybe your could also add organisations (companies, government agencies, NGOs,...) that create standards in such a way that the standard is hard or impossible to implement in open source implementations?

load more comments (2 replies)
[–] [email protected] 4 points 11 months ago

IBM is so good and so bad. Their machines are so open. Their software is not.

load more comments (9 replies)
[–] [email protected] 27 points 11 months ago* (last edited 11 months ago) (1 children)

Add Haier to the list. They’re threatening Homekit devs and issued a takedown on a GitHub hosted HVAC controller for their units. Citing it hurting their income (I assume they mean data mining income when you stop letting them monitor your appliances online).

The dev is looking for a lawyer to consult, and wants to fight, so has probably not got any copyright infringing code in his repo.

Oh and for boycotting purposes, they sell appliances under the brands: Haier, Casarte, Leader, GE Appliances, Fisher & Paykel, Aqua and Candy.

[–] [email protected] 10 points 11 months ago (1 children)
[–] [email protected] 5 points 11 months ago

Oops thanks, I must have missed it when I looked.

I’ll check out the repo when I’m back in front of a computer later.

[–] [email protected] 19 points 11 months ago

I really like seeing codeberg being used more.

Also I'm definitely keeping my eyes on this repo once in a while 👀🧐🍵

[–] [email protected] 17 points 11 months ago (1 children)

I'm shocked that the list only contains one

[–] [email protected] 30 points 11 months ago* (last edited 11 months ago)

I created it less than an hour ago. If you have any other suggestions please share (or send a pull request).

EDIT: The list contains 3 companies now

[–] [email protected] 14 points 11 months ago (1 children)

This seems like it could be useful info if it takes off

[–] [email protected] 13 points 11 months ago (4 children)

Do you have any suggestions for the list?

[–] [email protected] 16 points 11 months ago (1 children)
load more comments (1 replies)
[–] [email protected] 12 points 11 months ago (1 children)

That garage door company that removed API access, breaking it for about 20000 Home Assistant users

Also they stopped working on their integration for Alexa/Homekit/Google Home, forcing all their users in general into their ad filled app.

Think it was Chamberlain or something

[–] [email protected] 4 points 11 months ago

I've added Chamberlain Group

[–] [email protected] 5 points 11 months ago (1 children)
[–] [email protected] 4 points 11 months ago (1 children)
[–] gopher 5 points 11 months ago (1 children)

Obviously that was a controversial decision, but Red Hat probably contributes to Open Source more than any other company. To call Red Hat "OSS Hostile" is probably a little too much.

[–] [email protected] 3 points 11 months ago

I think you're right. I've changed it to IBM instead of Red Hat themselves because they were the cause of the policy changes.

[–] [email protected] 5 points 11 months ago

Mazda https://piped.video/watch?v=MirpRkmruOg

Mazda files false DMCA takedown notice to intimidate open source programmer

[–] [email protected] 13 points 11 months ago

We are writing to inform you that we have discovered two Home Assistant integration plug-ins developed by you ( https://github.com/Andre0512/hon and https://github.com/Andre0512/pyhOn ) that are in violation of our terms of service

Did the guy explicitly agree to their Terms of service? If not, how can he be in breach of them?

cease and desist all illegal activities

What illegal activities exactly?

Feels like unenforceable scare tactics, but IANAL.

[–] [email protected] 12 points 11 months ago* (last edited 11 months ago) (1 children)

Add Mazda to this list please.

The developer of this plugin for HomeAssistant apparently didn't have insurance and couldn't risk the legal fight. This is the DMCA take down that Mazda issued for the reason that the code "provides functionality same as what is currently in Apple App Store and Google Play App Store"

https://github.com/github/dmca/blob/master/2023/10/2023-10-10-mazda.md

Additional Coverage: https://arstechnica.com/cars/2023/10/mazdas-dmca-takedown-kills-a-hobbyists-smart-car-api-tool/

load more comments (1 replies)
[–] [email protected] 12 points 11 months ago

Hehehe, somebody really did it after Haier's act of stupidity

[–] [email protected] 12 points 11 months ago (1 children)

Good to know I have never given money to anyone on the list. Just don't buy products where the manufacturer is even in a position to pull these kinds of bait-and-switch manoevers, then you won't have to worry about who they are.

[–] [email protected] 4 points 11 months ago (1 children)

You've never bought anything from Nintendo?

[–] [email protected] 9 points 11 months ago

Never in my life.

[–] [email protected] 7 points 11 months ago* (last edited 11 months ago) (1 children)

As i understand google and Microsoft don't really fit here

Probably the definition should look something like: companies that proactively did actions towards harming open source culture/community/movement. Don't respect foss licensing, etc

I nominate Gitea for this one, for hijacking the project, and making it for profit organization

Also, Ultimate Guitar with their kido musescore, for basically trying to do the same thing that manga company is trying to do right now

And my favorite.. Facebook for their oculus privacy and for threatening to sue everyone who tries to jailbreak or modify their devices

Simple tools is probably not considered open source anymore

P.S. oh! Really also think about Proton, Brave, and Telegram

Three companies that are famous for saying they are foss, but in really it's often not exactly that

Proton's and telegram's servers are not foss

Telegram and brave had many instances of delaying publishing the source, even though they already updated the apps

Also, not sure how about now, but telegram is famous for having not reproducible builds, brave probably too

[–] [email protected] 11 points 11 months ago (2 children)

Proton's server code is not Open Source because it contains filter and anti spam detection which if released, would severely hamper their ability to detect spam and keep their users safe + detect abuse for their service.

Proton has had extensive security audits done and their claims have been backed up by independent third parties.

The definition should be further modified to include legitimate reasons for not open sourcing some code + having audits to back up claims.

load more comments (2 replies)
[–] [email protected] 6 points 11 months ago (1 children)

Surprised that most hardware companies aren't on the list. AMD, Intel, Nvidia, Apple, Broadcom all are hostile to reverse engineering or in Nvidias case, not even bothering to do the bare minimum for an ultra lenient Torvalds.

[–] [email protected] 3 points 11 months ago

It’s open to pull requests

[–] [email protected] 6 points 11 months ago

Do we even need to say nvidia?

[–] [email protected] 5 points 11 months ago (1 children)
load more comments (1 replies)
[–] [email protected] 5 points 11 months ago (1 children)

This is awesome! Maybe it should be noted where the cutoff is. What is considered hostile behavior and what is not?

[–] [email protected] 5 points 11 months ago (1 children)

That's a good point. I wasn't really sure where to put the cutoff point nor how to define it. Another problem is what consists as anti-OSS behavior. Is anti-right-to-repair part of it?

[–] [email protected] 5 points 11 months ago

Good question! May I suggest some kind of poll or questionaire to gather what the majority thinks constitutes oss hostile or anti oss behavior. Maybe it would also be good to question the purpose of this list to maybe find a logical cutoff point that way. Example: If naming and shaming is the purpose then it might not matter if anti right to repair or just not giving any api access since it makes controling stuff you bought harder by choice.

I always choose this kind of philosophical approach since it helps me make decision.

[–] [email protected] 2 points 11 months ago* (last edited 11 months ago) (1 children)

Nice OP! Thank you! I don't have a codeberg account yet, but you can use this to easily create a TOC https://imthenachoman.github.io/nGitHubTOC.

It would be good to add links/citations as well, instead of just quotes. IE: https://www.bleepingcomputer.com/news/security/haier-hits-home-assistant-plugin-dev-with-takedown-notice/

load more comments (1 replies)
load more comments
view more: next ›